Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    5e0d0db17534f93b711d12b8474324239bb9b1d14d9a692f755e2759319760da

  • Size

    568KB

  • Sample

    230422-b9gdbabg35

  • MD5

    e163a70cfd6813b062121e597e74a07c

  • SHA1

    06b5aa47b9d7d771c6e83cd27d39eb67cf3981ce

  • SHA256

    5e0d0db17534f93b711d12b8474324239bb9b1d14d9a692f755e2759319760da

  • SHA512

    96d178d2f8841a7765612cdb3e404e0134c3d35facf8bb93ee3b4ea9b8ff13c55373565e3cc6a977bb2589bf9a3c9c6c33d22ff778f79f69ae0b469694c80064

  • SSDEEP

    12288:Qy90SjjHzRVp7Ke0lOS/DSbrriYtOaheIMg/veImXNuUF:QyPjH3+T/DHYtJvv8XNd

Malware Config

Targets

    • Target

      5e0d0db17534f93b711d12b8474324239bb9b1d14d9a692f755e2759319760da

    • Size

      568KB

    • MD5

      e163a70cfd6813b062121e597e74a07c

    • SHA1

      06b5aa47b9d7d771c6e83cd27d39eb67cf3981ce

    • SHA256

      5e0d0db17534f93b711d12b8474324239bb9b1d14d9a692f755e2759319760da

    • SHA512

      96d178d2f8841a7765612cdb3e404e0134c3d35facf8bb93ee3b4ea9b8ff13c55373565e3cc6a977bb2589bf9a3c9c6c33d22ff778f79f69ae0b469694c80064

    • SSDEEP

      12288:Qy90SjjHzRVp7Ke0lOS/DSbrriYtOaheIMg/veImXNuUF:QyPjH3+T/DHYtJvv8XNd

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks